Home Tags Transport Layer Security (TLS)

Tag: Transport Layer Security (TLS)

Shambling corpse of ancient, shoddy, buggy, crypto shoved towards the grave Developers working with OpenSSL can finally start to work with TLS 1.3, thanks to the alpha version of OpenSSL 1.1.1 that landed yesterday.…
Newly discovered hack would allow attackers to send data between two systems during TLS negotiation, researchers say.
Researchers have found a new covert data exchange technique that abuses the TLS protocol that can circumvent traditional network perimeter protections.
Shared hosting oversight bites free SSL/TLS certificate org Let's Encrypt – a SSL/TLS certificate authority run by the non-profit Internet Security Research Group (ISRG) to programmatically provide websites with free certs for their HTTPS websites – on...
It is possible to exploit the protocol to obtain certificates for domains you do not own.
On January 28, 2016, the OpenSSL Project released a security advisory detailing two vulnerabilities. Multiple Cisco products incorporate a version of the OpenSSL package affected by one or more vulnerabilities that could allow an unauthenticated, ...
Attackers bypass HTTPS encryption protection by registering new TLS certificate.
New Webhook and Graph API tools help to make it easier for developers to identify when an SSL/TLS certificate has been mis-issued.
New research shows how an old vulnerability called ROBOT can be exploited using an adaptive chosen-ciphertext attack to reveal the plaintext for a given TLS session.
Two-decade-old hole lets hackers unlock encrypted data A 19-year-old vulnerability in the TLS network security protocol has been found in the software of at least eight IT vendors and open-source projects – and the bug could allow an attacker to decryp...
Sites vulnerable to newly revived ROBOT exploit included Facebook and PayPal.
On December 12, 2017, a research paper with the title Return of Bleichenbacher's Oracle Threat was made publicly available.

This paper describes how some Transport Layer Security (TLS) stacks are vulnerable to variations of the classic Bleichenbac...